<?php
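// Client address as seen by this PHP process. REMOTE_ADDR is the TCP peer, so
// behind a reverse proxy or load balancer it is the proxy's address (usually a
// private one) and every request would pass the check below.
// NOTE(review): confirm this script is reached directly and not through a proxy.
// NOTE(review): the source address is the only access control visible in this
// file; there is no login or per-user authorisation on the ban actions.
// A missing or malformed value becomes false and is denied (fail closed).
$clientIP = filter_var($_SERVER['REMOTE_ADDR'] ?? '', FILTER_VALIDATE_IP);

// Address ranges allowed to reach this page (private and loopback ranges).
$allowedIPs = [
    '10.0.0.0/8',       // 10.0.0.0 - 10.255.255.255
    '172.16.0.0/12',    // 172.16.0.0 - 172.31.255.255
    '192.168.0.0/16',   // 192.168.0.0 - 192.168.255.255
    '127.0.0.1',        // IPv4 loopback
    '::1',              // IPv6 loopback
];

// Allow only when the address parsed and matches one of the ranges.
$isAllowed = false;
if ($clientIP !== false) {
    foreach ($allowedIPs as $range) {
        if (ipInRange($clientIP, $range)) {
            $isAllowed = true;
            break;
        }
    }
}

// Anything else is refused before any ban data is read or written.
if (!$isAllowed) {
    http_response_code(403);
    exit('<h1>403 Forbidden</h1><p>此页面仅限内网访问</p>');
}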

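/**
 * Tell whether an IP address falls inside an allow-list entry.
 *
 * An entry is either a single address ("127.0.0.1", "::1") or a CIDR range
 * ("10.0.0.0/8"). The comparison is done on the packed binary form, and only
 * between addresses of the same family: an IPv6 address never matches an IPv4
 * range, even when its leading bytes happen to equal the IPv4 network.
 * Anything that does not parse (address, network or prefix length) yields
 * false, so a malformed value can only deny, never allow.
 * NOTE(review): IPv4-mapped IPv6 peers ("::ffff:a.b.c.d") are treated as IPv6
 * and therefore do not match the IPv4 ranges; confirm that is the intent on
 * dual-stack listeners.
 *
 * @param string $ip    Address to test.
 * @param string $range Single address or CIDR range.
 * @return bool True when $ip is inside $range.
 */
function ipInRange($ip, $range) {
    if (!is_string($ip) || !is_string($range)) {
        return false;
    }

    $parts = explode('/', $range, 2);
    $network = $parts[0];

    // Validate before inet_pton() so bad input gives false instead of a warning.
    if (filter_var($ip, FILTER_VALIDATE_IP) === false
        || filter_var($network, FILTER_VALIDATE_IP) === false) {
        return false;
    }

    $ipBin = inet_pton($ip);
    $netBin = inet_pton($network);

    // 4 bytes for IPv4, 16 for IPv6: a length mismatch means different families.
    if ($ipBin === false || $netBin === false || strlen($ipBin) !== strlen($netBin)) {
        return false;
    }

    // No prefix length: the entry is one exact address.
    if (count($parts) === 1) {
        return $ipBin === $netBin;
    }

    $prefix = $parts[1];
    $maxBits = strlen($netBin) * 8;
    if (preg_match('/\A[0-9]{1,3}\z/', $prefix) !== 1 || (int) $prefix > $maxBits) {
        return false;
    }
    $prefix = (int) $prefix;

    // Build the netmask byte by byte so the same code serves both families.
    $mask = str_repeat("\xff", intdiv($prefix, 8));
    $remainder = $prefix % 8;
    if ($remainder !== 0) {
        $mask .= chr((0xff << (8 - $remainder)) & 0xff);
    }
    $mask = str_pad($mask, strlen($netBin), "\x00");

    return ($ipBin & $mask) === ($netBin & $mask);
}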

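// Ban-list storage.
// NOTE(review): this is a relative path, so the file normally sits next to this
// script. If that directory is served by the web server, the JSON can be
// requested directly without passing the address check in this script; confirm
// the server denies it or keep the file outside the document root.
$banFile = 'fjss.json';

// Read the ban list. A missing, unreadable or non-array file yields an empty
// list instead of null, so later array operations and empty() behave predictably.
$loadBans = static function ($path) {
    if (!is_file($path)) {
        return [];
    }
    $raw = file_get_contents($path);
    $decoded = $raw === false ? null : json_decode($raw, true);
    return is_array($decoded) ? $decoded : [];
};

// Handle form submissions (add / remove a ban).
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Source-address filtering does not stop a request that an allowed user's
    // browser is made to send from another site, so refuse POSTs the browser
    // itself labels as not same-origin. Browsers that do not send
    // Sec-Fetch-Site are let through; a per-session token in the forms remains
    // the complete fix.
    $fetchSite = $_SERVER['HTTP_SEC_FETCH_SITE'] ?? null;
    if ($fetchSite !== null && !in_array($fetchSite, ['same-origin', 'none'], true)) {
        http_response_code(403);
        exit('<h1>403 Forbidden</h1><p>跨站请求已被拒绝</p>');
    }

    // Read a POST field as a string; array-valued fields (name[]=...) fall back
    // to the default instead of reaching trim()/strtotime() as an array.
    $postString = static function ($key, $default = '') {
        $value = $_POST[$key] ?? $default;
        return is_string($value) ? $value : $default;
    };

    $action = $postString('action');
    $username = trim($postString('username'));

    $bans = $loadBans($banFile);
    $changed = false;

    // Compare with '' rather than empty(): the username "0" is a valid key.
    if ($action === 'add' && $username !== '') {
        $isPermanent = $postString('permanent') === '1';

        // Keep the end time only when strtotime() can parse it.
        // NOTE(review): a non-permanent ban without a usable end time is stored
        // with end_time null; how the consumer of this file treats that case is
        // not visible here.
        $endTime = null;
        if (!$isPermanent) {
            $candidate = $postString('end_time');
            if ($candidate !== '' && strtotime($candidate) !== false) {
                $endTime = $candidate;
            }
        }

        $bans[$username] = [
            'reason' => $postString('reason', '违反用户协议'),
            'end_time' => $endTime,
            'admin' => '内网管理员',
            'timestamp' => date('Y-m-d H:i:s'),
            'permanent' => $isPermanent,
        ];
        $changed = true;
    } elseif ($action === 'remove' && isset($bans[$username])) {
        unset($bans[$username]);
        $changed = true;
    }

    // Write only when something changed. LOCK_EX keeps two concurrent writers
    // from interleaving output; the read-modify-write as a whole is still not
    // atomic, so a simultaneous edit can be lost.
    if ($changed && file_put_contents($banFile, json_encode($bans), LOCK_EX) === false) {
        error_log('ban list could not be written');
    }
}

// Current ban list for the table below (re-read so it reflects the write above).
$bans = $loadBans($banFile);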

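/**
 * Render a stored ban end time for the list view.
 *
 * null is shown as the permanent-ban label. A value that is not a string or
 * that strtotime() cannot parse is shown as a fixed placeholder: the stored
 * text is never returned as-is, because the list template prints this
 * function's result without escaping, and an unparseable value would
 * otherwise be rendered as the 1970 epoch.
 *
 * @param mixed $time Stored end time (string) or null.
 * @return string Text for the table cell.
 */
function formatBanTime($time) {
    if ($time === null) {
        return '永久封禁';
    }

    $parsed = is_string($time) ? strtotime($time) : false;
    if ($parsed === false) {
        return '无效时间';
    }

    return date('Y-m-d H:i', $parsed);
}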
?>
<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>封禁管理系统 - JIILCHAT</title>
    <!-- NOTE(review): third-party stylesheet loaded on an admin page without an integrity attribute.
         Pin it with integrity="..." and crossorigin="anonymous", or serve a local copy so the
         panel does not depend on (or announce itself to) an external host. -->
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css">
    <style>
        * {
            margin: 0;
            padding: 0;
            box-sizing: border-box;
            font-family: 'Segoe UI', 'PingFang SC', 'Microsoft YaHei', sans-serif;
        }
        
        body {
            background: #f8f9fa;
            padding: 20px;
        }
        
        .container {
            max-width: 1200px;
            margin: 0 auto;
            background: white;
            border-radius: 16px;
            box-shadow: 0 10px 40px rgba(0, 0, 0, 0.08);
            overflow: hidden;
        }
        
        .header {
            background: linear-gradient(135deg, #3498db, #2980b9);
            color: white;
            padding: 30px;
            text-align: center;
            position: relative;
        }
        
        .header::after {
            content: "内网访问专用";
            position: absolute;
            top: 15px;
            right: 15px;
            background: rgba(255,255,255,0.2);
            padding: 5px 15px;
            border-radius: 20px;
            font-size: 14px;
        }
        
        .title {
            font-size: 36px;
            font-weight: 700;
            margin-bottom: 10px;
        }
        
        .subtitle {
            font-size: 18px;
            opacity: 0.9;
        }
        
        .client-info {
            position: absolute;
            bottom: 15px;
            left: 15px;
            font-size: 14px;
            color: rgba(255,255,255,0.8);
        }
        
        .content {
            padding: 30px;
        }
        
        .section {
            margin-bottom: 40px;
            padding-bottom: 30px;
            border-bottom: 1px solid #f0f4f8;
        }
        
        .section-title {
            font-size: 28px;
            font-weight: 600;
            color: #2d3748;
            margin-bottom: 25px;
            padding-bottom: 10px;
            border-bottom: 2px solid #3498db;
        }
        
        .form-group {
            margin-bottom: 25px;
        }
        
        .form-label {
            display: block;
            margin-bottom: 10px;
            font-weight: 500;
            color: #2d3748;
            font-size: 18px;
        }
        
        .form-control {
            width: 100%;
            padding: 15px 18px;
            border: 1px solid #e2e8f0;
            border-radius: 10px;
            font-size: 16px;
            transition: all 0.3s;
            background: #f8fafc;
        }
        
        .form-control:focus {
            outline: none;
            border-color: #3498db;
            box-shadow: 0 0 0 3px rgba(52, 152, 219, 0.2);
        }
        
        .form-row {
            display: flex;
            gap: 20px;
            margin-bottom: 20px;
        }
        
        .form-col {
            flex: 1;
        }
        
        .btn {
            padding: 14px 28px;
            background: #3498db;
            color: white;
            border: none;
            border-radius: 10px;
            font-size: 18px;
            font-weight: 600;
            cursor: pointer;
            transition: all 0.3s;
            display: inline-flex;
            align-items: center;
            gap: 8px;
        }
        
        .btn:hover {
            background: #2980b9;
            transform: translateY(-2px);
            box-shadow: 0 4px 15px rgba(52, 152, 219, 0.3);
        }
        
        .btn-danger {
            background: #e74c3c;
        }
        
        .btn-danger:hover {
            background: #c0392b;
        }
        
        .btn-success {
            background: #2ecc71;
        }
        
        .btn-success:hover {
            background: #27ae60;
        }
        
        .checkbox-group {
            display: flex;
            align-items: center;
            gap: 10px;
            margin-top: 15px;
        }
        
        .checkbox-label {
            font-size: 16px;
            color: #4a5568;
        }
        
        .table-container {
            overflow-x: auto;
            margin-top: 20px;
            border: 1px solid #e2e8f0;
            border-radius: 10px;
            box-shadow: 0 2px 10px rgba(0,0,0,0.05);
        }
        
        table {
            width: 100%;
            border-collapse: collapse;
        }
        
        th, td {
            padding: 18px;
            text-align: left;
            border-bottom: 1px solid #e2e8f0;
        }
        
        th {
            background-color: #f8fafc;
            font-weight: 600;
            color: #2d3748;
            font-size: 17px;
        }
        
        tr:hover {
            background-color: #f8fafc;
        }
        
        .action-cell {
            display: flex;
            gap: 10px;
        }
        
        .no-bans {
            text-align: center;
            padding: 40px;
            color: #718096;
            font-size: 18px;
        }
        
        .no-bans i {
            font-size: 48px;
            margin-bottom: 15px;
            color: #3498db;
        }
        
        .permanent-badge {
            background: #e74c3c;
            color: white;
            padding: 5px 12px;
            border-radius: 20px;
            font-size: 14px;
            font-weight: 600;
            display: inline-block;
        }
        
        @media (max-width: 768px) {
            .form-row {
                flex-direction: column;
                gap: 15px;
            }
            
            .header {
                padding: 20px;
            }
            
            .title {
                font-size: 28px;
            }
            
            .subtitle {
                font-size: 16px;
            }
            
            .content {
                padding: 20px;
            }
            
            .section-title {
                font-size: 24px;
            }
            
            th, td {
                padding: 14px;
            }
        }
    </style>
</head>
<body>
    <div class="container">
        <div class="header">
            <h1 class="title">用户封禁管理系统</h1>
            <div class="subtitle">JIILCHAT 内网管理面板</div>
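            <?php /* Escaped like every other dynamic value on the page, so the output stays safe if the address source ever changes (e.g. to a forwarded-for header). */ ?>
            <div class="client-info">您的IP: <?= htmlspecialchars((string) $clientIP, ENT_QUOTES, 'UTF-8') ?></div>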
        </div>
        
        <div class="content">
            <div class="section">
                <h2 class="section-title">添加新封禁</h2>
                <form method="POST">
                    <input type="hidden" name="action" value="add">
                    
                    <div class="form-row">
                        <div class="form-col">
                            <div class="form-group">
                                <label class="form-label" for="username">用户名</label>
                                <input type="text" id="username" name="username" class="form-control" placeholder="输入要封禁的用户名" required>
                            </div>
                        </div>
                        
                        <div class="form-col">
                            <div class="form-group">
                                <label class="form-label" for="reason">封禁理由</label>
                                <input type="text" id="reason" name="reason" class="form-control" placeholder="输入封禁理由" required>
                            </div>
                        </div>
                    </div>
                    
                    <div class="form-row">
                        <div class="form-col">
                            <div class="form-group">
                                <label class="form-label" for="end_time">结束时间</label>
                                <input type="datetime-local" id="end_time" name="end_time" class="form-control">
                            </div>
                        </div>
                        
                        <div class="form-col">
                            <div class="checkbox-group">
                                <input type="checkbox" id="permanent" name="permanent" value="1">
                                <label class="checkbox-label" for="permanent">永久封禁</label>
                            </div>
                        </div>
                    </div>
                    
                    <button type="submit" class="btn">
                        <i class="fas fa-ban"></i> 添加封禁
                    </button>
                </form>
            </div>
            
            <div class="section">
                <h2 class="section-title">解除封禁</h2>
                <form method="POST">
                    <input type="hidden" name="action" value="remove">
                    
                    <div class="form-group">
                        <label class="form-label" for="remove_username">用户名</label>
                        <input type="text" id="remove_username" name="username" class="form-control" placeholder="输入要解封的用户名" required>
                    </div>
                    
                    <button type="submit" class="btn btn-danger">
                        <i class="fas fa-unlock"></i> 解除封禁
                    </button>
                </form>
            </div>
            
            <div class="section">
                <h2 class="section-title">当前封禁列表</h2>
                
                <div class="table-container">
                    <?php if (empty($bans)): ?>
                        <div class="no-bans">
                            <i class="fas fa-check-circle"></i>
                            <p>当前没有封禁用户</p>
                        </div>
                    <?php else: ?>
                        <table>
                            <thead>
                                <tr>
                                    <th>用户名</th>
                                    <th>封禁理由</th>
                                    <th>结束时间</th>
                                    <th>操作时间</th>
                                    <th>操作</th>
                                </tr>
                            </thead>
                            <tbody>
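                                <?php /* One table row per ban. Every value read from the ban file is HTML-escaped at output, including the timestamp: the file is plain JSON on disk and may be written by something other than this page. */ ?>
                                <?php foreach ($bans as $user => $info): ?>
                                <tr>
                                    <?php /* Numeric usernames come back from json_decode() as int keys, hence the cast. */ ?>
                                    <td><?= htmlspecialchars((string) $user, ENT_QUOTES, 'UTF-8') ?></td>
                                    <td><?= htmlspecialchars($info['reason'] ?? '', ENT_QUOTES, 'UTF-8') ?></td>
                                    <td>
                                        <?php if (isset($info['permanent']) && $info['permanent']): ?>
                                            <span class="permanent-badge">永久封禁</span>
                                        <?php else: ?>
                                            <?= htmlspecialchars(formatBanTime($info['end_time'] ?? null), ENT_QUOTES, 'UTF-8') ?>
                                        <?php endif; ?>
                                    </td>
                                    <td><?= htmlspecialchars($info['timestamp'] ?? '', ENT_QUOTES, 'UTF-8') ?></td>
                                    <td class="action-cell">
                                        <form method="POST" style="display: inline;">
                                            <input type="hidden" name="action" value="remove">
                                            <input type="hidden" name="username" value="<?= htmlspecialchars((string) $user, ENT_QUOTES, 'UTF-8') ?>">
                                            <button type="submit" class="btn btn-danger">
                                                <i class="fas fa-trash-alt"></i> 解封
                                            </button>
                                        </form>
                                    </td>
                                </tr>
                                <?php endforeach; ?>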
                            </tbody>
                        </table>
                    <?php endif; ?>
                </div>
            </div>
        </div>
    </div>
    
    <script>
        // Permanent-ban checkbox: while it is ticked the end-time field is
        // disabled, and ticking it also clears any value already entered.
        const permanentCheckbox = document.getElementById('permanent');
        const endTimeInput = document.getElementById('end_time');

        permanentCheckbox.addEventListener('change', () => {
            const isPermanent = permanentCheckbox.checked;
            endTimeInput.disabled = isPermanent;
            if (isPermanent) {
                endTimeInput.value = '';
            }
        });

        // Initial state: a box that is already ticked on load (for example
        // restored by the browser) disables the field; the value is left alone.
        if (permanentCheckbox.checked) {
            endTimeInput.disabled = true;
        }
    </script>
</body>
</html>